Conversation

This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
It's problematic because unlike the dangerous permissions, bypasses weren't treated as bugs. For example, it's possible for apps to make HTTP GET requests by opening a URL in a browser via standard intents. Those intents would all need to require INTERNET or consent for each use.
This Tweet was deleted by the Tweet author. Learn more
Daniel Micay
@DanielMicay
Replying to
@saleemrash1d
and
@spudowiar
I don't think people would tolerate that for very basic use cases like opening links in a browser. Apps with internet access would be able to bypass this anyway since they can communicate with each other via the network. It's difficult to force apps to protect themselves.
1
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
The built-in file manager would also still allow access, including moving/copying it around. On the other hand, trying to lock down all communication between apps with user consent required for *each* usage is a whole different story. Lots of basic functionality would be painful.
1
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
and
@spudowiar
Unless you make a lot of special cases, it's also going to encourage doing things in less private / secure ways in many cases. I don't think you'd want opening a link in a browser or opening the camera app to take a picture to be less convenient than bundling the functionality.